Dome9 Valuable Features

BasilDange
Sr Manager IT Security at a financial services firm with 10,001+ employees
* The IAM role gives us complete control over the cloud environment. In case someone tries to bypass and create a user or policy locally, which is not allowed or defined in Dome9, changes will be rolled back and a notification will be sent to the concerned team. * It's always ON and available on a mobile device using the app. * There is complete visibility of the traffic flow with threat intelligence provided from Check Point. It even provides communication detail on any suspicious IPs. * Provides detailed information if some workload tries to directly access and bypass any firewall policy. * Provides a granular level of reports along with issues based on compliance standards, which are defined depending upon organizational requirements. * Task delegation as a particular incident can be assigned to a particular individual. The same can also be done manually or automatically. * Customizes queries for detecting any incident. The solution is pretty straightforward to use, as it is only a SaaS model. You just need to enable the accounts for which Dome9 needs to do validation, and that's it. Compliance checking capabilities: When you enroll your account, we have multiple accounts. Once you enter that on Dome9, it does a complete scan of your account based on these flow logs. It checks: "What are the security flaws?" So, the compliance depends on the company and what they are using as a benchmark. Normally, for India, we use the CIS as a benchmark, then whatever flow logs are available, those are provided in the reports. Then, we check those compliance reports against the CIS benchmark, and accordingly, take actions. We can then know what are the deviation on the cloud platform and on the account, with respect to the CIS. There are some use cases where you will not have reports readily available or not get the dashboard for particular outputs. You can create a query on the console for those, e.g., if a particular EXE file started on a workload, we can find out if that is running anywhere in the cloud. While it does not provide details on the process level, it will provide us with which sensor is communicating to which IP addresses as well as if there are any deviations from that pattern. It has remediation capabilities, and there are two options available: * You can do automatic remediation, where you need to define the policy for which unit that you are doing remediation. * It can be assigned to a particular team or group of people for its particular vulnerabilities of security flaws. That ticket can then be raised to service quotas be remediated manually. View full review »
reviewer1098015
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
We have full visibility of our cloud infrastructure in terms of compliance and security. For example, if someone has a machine that doesn't comply with the company policy, then we get an alert. Security visibility is very good. Usually, when it's the security report, they match the reality and are correct, then they raise some alerts. Almost 100 percent of the time, we will need to do some tweaking to fix issues. It is a very good tool for both cloud compliance and governance. We use it for both. We can monitor our entire cloud infrastructure. It provides reports on our security, then if we have to fix something in regards to the security, we can do it in a centralized tool. If you go to AWS and check each tool and server if it is compliant, then it's a mess, but this tool works. It is very simple for governance and reducing the risk. The solution helps us to minimize attack surface and manage dynamic access. With Dome9, we are sure our machines are not exposed to the Internet. We have reports about users who access of our AWS accounts with the EAM function, which reduces our attack surface. This solution provide a unified security solution across all major public clouds. We have all our infrastructure integrated on Dome9, so it provides us security on our entire cloud infrastructure, both AWS and Azure, which we are currently integrating. View full review »
reviewer1398609
Senior Manager at a financial services firm with 10,001+ employees
1) IAM role is the feature which is widely used as it provides a granular level of control and visibility of any changes happening within our Cloud network 2) Benchmark of our network 3) Complaisance and reporting to understand and mitigate any security issue 4) Threat intel integration which provides us visibility in case any workload is communicating with Suspicious or blacklisted IP 5) Centralize dashboard for different tenant and account 6) Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless View full review »
Learn what your peers think about Dome9. Get advice and tips from experienced pros sharing their opinions. Updated: August 2020.
442,517 professionals have used our research since 2012.
reviewer1343916
Product Manager at a tech services company with 51-200 employees
The most valuable feature is the discovery. People are often quite shocked when they run the analysis and figure out all of the accounts and servers that are running in their environment. These are accounts that they are unaware of. The reporting against compliance is an important feature that helps you comply with policies and standards within your organization. View full review »
Oleg Pekar
Senior Network/Security Engineer at Skywind Group
* This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc. It's cozy to configure stuff, and also to wander around the interface in general. * The Compliance Engine is powerful. We rely heavily on this feature since we must comply with the various security standards to work in the gambling sphere across the globe, and especially in the United States and European Union. * The solution continuously monitors config modifications and may alarm the relevant administrators, or even revert the configs automatically. View full review »
Paul Liversidge
Owner at Liversidge Consulting Ltd
The feature that I found most valuable is the ability to scan IAM, the Identity and Access Management tool, for all of the privileged accounts. View full review »
Naveen Govindappa
Solution Architect Cloud Security at a tech vendor with 10,001+ employees
All of the features are very useful in today's market. View full review »
Learn what your peers think about Dome9. Get advice and tips from experienced pros sharing their opinions. Updated: August 2020.
442,517 professionals have used our research since 2012.